Midterm II 

 
Question 1​ 2 pts 
 
Alice to Bob - “I’m Alice”, [{T}​Bob​]​Alice 
Bob to Alice - [{T+1}​Alice​]​Bob 
Alice to Bob - E(T+2, K) 
 
Where the Session Key K is: K = T*45 + 905 [Note: this algorithm is public knowledge] 
T is the Timestamp 
{...} is encryption with specified PUBLIC key. 
[...] is encryption with specified PRIVATE key. 
E(...,K) is encryption with K key. 
  
How would you attack this protocol? There are at least two ways, can you find both of them? 

 
 
 
Question 2​ 3 pts 
 
Design an efficient protocol that, relying on Timestamps, ensures secure key establishment (session key) 
but allows only one party (Alice) to be authenticated, while the other party (Bob) is not authenticated. 
Furthermore, the protocol should only use public key encryption, no private key or symmetric key 
encryption is allowed. 
 
You can copy and paste this format:  
Alice to Bob - “I’m Alice”, ...  
Bob to Alice - ... 
Alice to Bob - ... 

 
 
   
 
Question 3​ 3 pts 
 
Design an efficient protocol that, using both symmetric and public key crypto, ensures secure key 
establishment (session key), but allows only one party (Bob) to be authenticated, while the other party 
(Alice) is not authenticated. Note: The protocol should use both public key crypto and a pre-shared 
symmetric key. 
 
You can copy and paste this format:  
Alice to Bob - “I’m Alice”, ... 
Bob to Alice - ... 
Alice to Bob - ... 

 
 
 
Question 4​ 3 pts 
 
You work in a classified environment where Bell-LaPadula MLS (Multilevel Security) model is employed. 
Your clearance is "SECRET" (on a scale TOP SECRET > SECRET > CLASSIFIED > UNCLASSIFIED). 
 
Your company is furnished with a shared and synchronized cloud drive, where:  
● A user, any clearance, can send a document, accessible by any computer in the same network, no 
matter the clearance.  
● The document can be printed by any employees, using a computer with the right clearance.  
● All the computers connected to the same network can see the documents in the drive. 
● The user's computer clearance is the same as the user's clearance.  
● The document is added to the drive without any delay.  
● The classification of the document to print is the same as the clearance of the computer used to 
upload it. 
  
Please, describe a potential covert channel to disclose SECRET documents to someone with CLASSIFIED 
clearance. 
 
PROBLEM: If you print SECRET documents, you go directly to jail without passing GO. The system, in fact, 
checks any document added to the drive. If documents with clearance higher than UNCLASSIFIED are 
printed, it raises an alarm. 

✅ Look at “Midterm Results” document 

 
   
 
Question 5​ 3 pts 
 
Considering the TCP ACK Scan that we have seen in class, write a signature for an Intrusion Detection 
System (IDS) that is able to catch it. 
 
Example of a signature seen in class: “N failed login attempts in M seconds” 

✅ Look at your solution for Homework #4 Question 3 

 
 
Question 6​ 1 pts 
 
Please, imagine a possible Biometric System that relies on human feet and has a high Equal Error Rate. 
 
Would it be better for Identification, Authentication or both? 

✅ Authentication 
 
 
Question 7​ 1 pts 
 
These are the Equal Error Rates for four different kinds of Biometric Systems: 
 
10​-10 
10​-2 
10​-30 
10​-1 
 
Can you select the one that belongs to the more reliable (especially in terms of accuracy), considering 
both the Insult Rate and the Fraud Rate? 

✅ 10^(-30) 
 
 
   
 
Question 8​ 1 pts 
 
Please, judge these three Access Control Matrices, which of them is affected by the Confused Deputy 
security problem?  
 
(Alice, Alexis and Mickey are users; BILL is a file; Compiler is a compiler) 

✅ None of them is affected 

 
 
 
Question 9​ 1 pts 
 
Alice to Bob - “I’m Alice”, {R​A​}​Bob 
Bob to Alice - {R​A​, R​B​}​Alice 
Alice to Bob - E(R​B​, K) 
 
Where R and R are the nonces (respectively from Alice and Bob), K is the shared symmetric Key known in 
advance by the two parties.  
 
{...} is encryption with specified PUBLIC key.  
E(...,K) is encryption with specified key. 
 
If Trudy tries to recreate this conversation, will she be able to do it? 

✅ No 
 
 
Question 10​ 1 pts 
 
Given this protocol: 
 
Alice to Bob: “I'm Alice” 
Bob to Alice: “R” 
Alice to Bob: “[R]​Alice​” 
 
Where [..] is the signature. 
 
Is mutual authentication ensured? 

✅ No 
 
   
 
Question 11​ 1 pts 
 
Given this protocol: 
 
Alice to Bob: "I'm Alice", R 
Bob to Alice: {[R, K]​Bob​}​Alice 
Alice to Bob: {[R+1, K]​Bob​}​Alice 
 
Where R is the nonce, K is the session Key,  
{...} is encryption with specified PUBLIC key.  
[...] is encryption with specified PRIVATE key. 
 
Which of these properties are ensured? (select all that apply) 

✅
✅ Mutual Authentication 

✅ Session key K is protected 

Protection to Replay Attack 

 
 
 
Question 12​ 1 pts 
 
Given this protocol: 
 
Alice to Bob: "I'm Alice", R 
Bob to Alice: {[R, K]​Bob​}​Alice 
Alice to Bob: {R+1, K}​Bob 
 
Where R is the nonce, K is the session Key,  
{...} is encryption with specified PUBLIC key.  
[...] is encryption with specified PRIVATE key. 
 
Which of these properties are ensured? (select all that apply) 

✅
✅ Mutual Authentication 

✅ Protection to Replay Attack 

Session key K is protected 
 
Should show 11/25 points after submission